Static task: static1
Behavioral task: behavioral1
Sample: d65bd9e4426bf381e2d00c2a3b0a72b8_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d65bd9e4426bf381e2d00c2a3b0a72b8_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d65bd9e4426bf381e2d00c2a3b0a72b8_JaffaCakes118
Size: 360KB
MD5: d65bd9e4426bf381e2d00c2a3b0a72b8
SHA1: 01e1c3750052248ec3235a1b88261d68d8338642
SHA256: 47d5b4e29320869b6fdc3202b807dccab37c453bc31392ed883ee8b8c27b6d43
SHA512: d5ce755c9f4d59ec6474e01f64bb78a849a0d20a9a97a624654b8fa163020c10973096621d811720b18df21597153d731910cb9e4e409fb9367edf51b64789bd
SSDEEP: 6144:/MzN2wYV7F7ZVhwYuZaIxlt6orOxEStdHgdoKvN5fga1I2LYZC3a+K4P:/lweg7FZHrOxFbKvNJKMqC3X
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: d65bd9e4426bf381e2d00c2a3b0a72b8_JaffaCakes118
Files
d65bd9e4426bf381e2d00c2a3b0a72b8_JaffaCakes118.exe windows:4 windows x86 arch:x86
5884ff5e299d6a2b0a3b3f0d67acf11c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexW
SetThreadLocale
OutputDebugStringW
SetConsoleCursorPosition
VirtualLock
CreateMutexA
DosDateTimeToFileTime
FatalAppExitA
FileTimeToLocalFileTime
GetVolumeInformationW
GlobalDeleteAtom
GetEnvironmentStringsW
FlushFileBuffers
RemoveDirectoryW
GetSystemTimeAdjustment
lstrcpynA
VirtualUnlock
CreateDirectoryW
WritePrivateProfileStringA
GlobalGetAtomNameW
SizeofResource
FindFirstFileW
SetNamedPipeHandleState
ReadFileScatter
GetTempFileNameA
FindFirstFileExW
SetEnvironmentVariableW
GetCommModemStatus
SetLastError
SetProcessAffinityMask
EnumCalendarInfoA
CloseHandle
GetProcessHeap
GetTempPathW
GetFileAttributesExA
SetTimeZoneInformation
WriteFile
FindResourceExW
UnhandledExceptionFilter
FlushConsoleInputBuffer
EnumTimeFormatsW
GetCommState
SetThreadAffinityMask
EnumSystemCodePagesA
SetThreadPriorityBoost
GetTimeZoneInformation
LocalSize
GlobalReAlloc
DeleteFiber
SwitchToFiber
IsBadWritePtr
TlsGetValue
ExpandEnvironmentStringsW
GlobalFindAtomW
GenerateConsoleCtrlEvent
GetCurrentDirectoryW
SetProcessWorkingSetSize
VirtualProtect
GetVersionExA
PeekConsoleInputW
FreeLibrary
SetSystemTime
QueryDosDeviceA
FormatMessageW
GlobalFree
GetOverlappedResult
GetAtomNameA
ExitThread
CreatePipe
lstrcatW
CreateIoCompletionPort
IsBadReadPtr
Beep
GetStringTypeExW
GetConsoleMode
FindCloseChangeNotification
SetConsoleActiveScreenBuffer
GetVersion
GlobalAddAtomA
SetEvent
RemoveDirectoryA
SetConsoleWindowInfo
DeleteCriticalSection
AllocConsole
GetCommConfig
GlobalFlags
SetEndOfFile
GetShortPathNameA
GetCommandLineA
SystemTimeToFileTime
ExitProcess
user32
GetClipboardFormatNameA
EnumDesktopWindows
ChangeMenuA
DrawIcon
LoadStringW
GetUserObjectInformationA
CharUpperA
SetCapture
DefMDIChildProcA
EndMenu
TrackMouseEvent
SetMenuItemInfoA
SetClipboardData
PostMessageA
UnhookWindowsHookEx
SetClassLongW
GetPropW
EnumDisplaySettingsA
GetForegroundWindow
GetThreadDesktop
PostMessageW
MapWindowPoints
PostThreadMessageA
OpenWindowStationW
GetTitleBarInfo
FrameRect
SendNotifyMessageW
CascadeWindows
DialogBoxParamA
ReleaseDC
GetWindowPlacement
SetSysColors
CreateIconIndirect
AttachThreadInput
LoadIconW
CreateAcceleratorTableA
GetWindowLongW
GetDesktopWindow
HiliteMenuItem
ClientToScreen
SetPropW
DefFrameProcW
GetMenuState
CharLowerBuffW
SetMessageQueue
IsCharLowerW
ShowOwnedPopups
TileWindows
LoadAcceleratorsW
GetDoubleClickTime
OpenClipboard
MessageBoxA
MonitorFromWindow
MapDialogRect
wsprintfA
CopyAcceleratorTableW
LookupIconIdFromDirectory
SetMenuInfo
GetClassNameA
ShowWindowAsync
GetScrollBarInfo
PtInRect
gdi32
SetPixelFormat
SetWindowOrgEx
comdlg32
GetFileTitleA
PrintDlgA
CommDlgExtendedError
advapi32
MapGenericMask
RegSaveKeyA
RevertToSelf
RegisterEventSourceA
AccessCheckAndAuditAlarmA
RegConnectRegistryW
InitiateSystemShutdownW
RegSetKeySecurity
GetServiceKeyNameW
RegRestoreKeyW
LogonUserW
GetSidLengthRequired
RegUnLoadKeyW
UnlockServiceDatabase
RegOpenKeyExA
StartServiceCtrlDispatcherA
ImpersonateSelf
MakeSelfRelativeSD
CryptGetHashParam
IsValidSecurityDescriptor
SetNamedSecurityInfoA
ObjectCloseAuditAlarmA
GetFileSecurityA
RegOpenKeyA
ChangeServiceConfigA
GetNamedSecurityInfoW
shell32
SHLoadInProc
ole32
CoFileTimeNow
CoMarshalInterface
StringFromGUID2
CreateStreamOnHGlobal
CoGetObject
CoTaskMemRealloc
OleInitialize
ReadClassStm
CoQueryProxyBlanket
oleaut32
SafeArrayRedim
VariantCopy
SafeArrayGetElement
SysAllocStringLen
SysStringLen
SafeArrayGetLBound
SafeArrayUnaccessData
comctl32
PropertySheetW
shlwapi
StrFormatByteSize64A
SHGetValueA
PathRenameExtensionW
UrlCombineW
SHQueryValueExW
StrRChrW
PathAppendW
PathUnquoteSpacesA
PathAddExtensionW
PathSkipRootW
StrToIntExW
UrlGetPartW
SHRegCreateUSKeyW
PathRelativePathToA
StrCatBuffA
setupapi
SetupCommitFileQueueA
SetupDiClassNameFromGuidExA
Sections
.text Size: 316KB - Virtual size: 312KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE